Hackers steal as many as 2,208 customer’s credit card details with email addresses and travel plans also breached.
EasyJet Plc has confirmed a cyberattack on its company’s database in what appears to be one of the biggest data breaches to have hit the airline industry. Not less than 9 million customers’ travel details (Excluding passport details), email addresses were accessed by these cybercriminals in the “highly sophisticated” attack as released in a statement by EasyJet on Tuesday as the airline’s share “EZJ, -0.79%” went negative in London as a result of the incident.
The airline said it has started notifying customers whose credit card details were breached and currently contacting other customers that had their details exposed all through the coming days to protect themselves against the increase in the number of cyberattacks going on in Europe.
Though the airline did not immediately release the details of the attack, it says it has “detected and resolved the breach and also reported the incident to the Information Commissioner’s Office (ICO) in charge of data regulation and National Cybersecurity Centre.
EasyJet CEO, Johan Lundgren released a statement stating that “We take the cybersecurity of our systems very seriously and have a robust security arrangement set up to safeguard customers’ information.” “Furthermore, this is an evolving threat as cybercriminals get more advanced. We would like to tender an apology to every customer affected by this incident.
This cyberattack appears to be one of the largest to ever occur to any UK-based company, raising the probability that the EasyJet may likely be fined hugely just as Marriott hotels group and British Airways were fined a few months ago in a similar situation which will eventually disrupt the company’s finances due to the current pandemic that grounded businesses across the world.
EasyJet has maintained that there has been no recorded misuse of personal data exposed by the attack due to lack of evidence but was advised by ICO to contact every affected customer due to the high probability of a “phishing fraud attack.”
Why not learn how to protect your organization against internal threats.